This sample audit report outlines the approach employed by internal audit to develop an audit plan for core audits and hot spots.
In this sample, core foundational audits are conducted each year that focus on key-risk areas, hotel-specific processes, SEC and other regulatory requirements. Sarbanes-Oxley (SOX) audits are performed and include a financial reporting process, financial systems, hotel audits for finance, operations and IT areas, and cyber risk and data privacy. Hot spot audits are top-of-mind audits that directly relate to risk areas impacting company business. These hot topic/top-of-mind audits address key-risk areas and ongoing initiatives are consistently referenced during risk assessment sessions and risk council meetings and/or identified during prior year audits.
Example hot topic areas in this sample include:
- Currency fluctuations
- Post go-live
- Third-party access to IT systems
- Development/acquisition due diligence and underwriting